Sorry, I forgot the link to the bugfix [1]
[1]
https://github.com/walterdejong/pam_shield/commit/afa7b246018787fe6028289c414c33292641e1e0
On 2/6/12 10:47 , Laurentiu Pancescu wrote:
Package: libpam-shield
Version: 0.9.2-3.2 Severity: grave
Tags: security
With allow_missing_dns and allow_missing_reverse set to "no" (default
configuration in Squeeze), pam_shield doesn't take any action
whatsoever, besides logging the IP. If I set both variables to "yes",
the IPs are null-routed as expected. I tested by connecting via SSH from
a system without DNS records.
This seems to be a bug fixed upstream in September 2010 [1]. Is this
package still actively maintained in Debian? Upstream seems to be quite
active, but the Debian changelog doesn't seem to suggest any code
changes since December 2007.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
